RSA SecurID Access provides one RADIUS profile named Default RADIUS Profile. Use this profile to specify the return list and checklist attributes that are exchanged between the RADIUS client and server during authentication. These attributes are used to validate the request and to set parameters for the user's session.

In the Attribute Name field, begin typing the attribute name to see valid attributes from the RADIUS dictionary file and select the one you want from the drop-down list.

If you want to leave the attribute value blank and ensure that the value in the user request is returned to the client in the RADIUS response, select the Echo checkbox.

If you did not select Echo, you must specify a value in the Value field. Some attributes support multiple values, and the order is important for certain attributes. The return list in the RADIUS server response displays the values in the order you specify.

Click Save.

(Optional) In the Checklist field, click ADD.

In the Attribute Name field, begin typing the attribute name to see valid attributes from the RADIUS dictionary file and select the one you want from the drop-down list.

In the Value field, specify the attribute value required in the user’s authentication request. Some attributes support multiple values, and the order is important for certain attributes.

Note:You must enter the value using the correct data type. The field hint indicates the data type.

Select the Optional for user request processing checkbox if you want the RADIUS server to processes authentication requests that do not contain this attribute. When unselected, the RADIUS server rejects requests that do not contain this attribute.

Click Save.

(Optional) Click Publish Changes if you want to activate the setting immediately. Otherwise, changes accumulate and are published during the next publish operation.